I am looking for some best practice methods for setting file security on a file server. What we have is a network share with departmental folders at the root. Everyone can view these initial folders but not browse them. What I am wondering is what is best practice for organizing the department folders. In each department there are folders/files that need to be viewed/modified by people outside that department. Currently we are debating whether to put a Private and Public folder in each department. Then when someone outside the department needs access it would go in the public with the appropriate permissions. Here are some of the problems with this approach:
-When someone needs access outside the department, there is duplicate folder structure in the Public and Private...this could make it confusing to find things for the people in that dept.
-How do we handle inherited permissions in the Public folder...We do not want to have to break inheritance but if there is a folder that is not to be viewed by anyone but one person outside the dept, how do we accomplish this.
Any suggestions on this would be great!